A vulnerability described as critical has been identified in FlowiseAI Flowise and flowise-components up to 3.0.x . Impacted is an unknown function of the component Custom Function Feature . Such manipulation leads to improper access controls. This vulnerability is referenced as CVE-2026-41270 . It is possible to launch the attack remotely. No exploit is available. Upgrading the affected component is recommended.